Jordan aka (SkyW4r33x)

1 exploit Active since Nov 2023
CVE-2023-4226 NOMISEC HIGH WORKING POC
Chamilo LMS <= 1.11.24 - Authenticated Remote Code Execution via PHP File Upload
Unrestricted file upload in `/main/inc/ajax/work.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files.
1 stars
CVSS 8.8